JP6396119B2 - IC module, IC card, and IC card manufacturing method - Google Patents

Description

  Embodiments described herein relate generally to an IC module, an IC card, and an IC card manufacturing method.

  In recent years, an IC card equipped with an IC (Integrated Circuit) chip has been used in various fields. Some IC cards have a tamper resistant function for protecting against internal analysis (reverse engineering) and alteration. Conventional IC cards have a tamper-resistant function to improve security. However, the performance has been lowered, for example, the processing time has increased, and it has been difficult to achieve both security and performance. Therefore, there is a possibility that the conventional IC card cannot be used depending on the application from the viewpoint of security or performance.

JP 2003-196160 A

  The problem to be solved by the present invention is to provide an IC module, an IC card, and an IC card manufacturing method that can be used for various purposes.

The IC module according to the embodiment includes a tamper-resistant function unit, a nonvolatile storage unit, and a management unit. The tamper resistant functional unit has a tamper resistant function. The rewritable non-volatile storage unit stores level information that defines an operation level of the tamper resistant function unit. The management unit operates the tamper resistant function unit based on the level information. The non-volatile storage unit stores the level information corresponding to each of a plurality of processes, and the management unit sets the tamper resistant function unit according to an operation level defined for each process based on the level information. Make it work.

1 is an external view showing an example of an IC card according to a first embodiment. 1 is a diagram illustrating a hardware configuration example of an IC card according to a first embodiment. The block diagram which shows the function structural example of the IC card of 1st Embodiment. The figure which shows the example of data of the level information storage part of 1st Embodiment. The figure which shows a response | compatibility with the level information and operation level of 1st Embodiment. 6 is a flowchart illustrating an example of a procedure for setting level information of the IC card according to the first embodiment. 6 is a flowchart illustrating an example of the operation of the IC card according to the first embodiment. The figure which shows the example of data of the level information storage part of 2nd Embodiment. 9 is a flowchart illustrating an example of the operation of the IC card according to the second embodiment. The figure which shows the example of data of the level information storage part of 3rd Embodiment. The flowchart which shows an example of operation | movement of the IC card of 3rd Embodiment. The figure which shows an example of operation | movement of the IC card of 3rd Embodiment.

  Hereinafter, an IC module, an IC card, and an IC card manufacturing method according to embodiments will be described with reference to the drawings.

(First embodiment)
FIG. 1 is an external view showing an example of an IC card 1 according to the first embodiment.
As shown in this figure, the IC card 1 includes an IC module 10, and the IC module 10 includes a contact portion 3 and an IC chip 100 therein. The IC card 1 is formed, for example, by mounting an IC module 10 on a plastic card base 4 (an example of a card body). That is, the IC card 1 includes an IC module 10 and a card substrate 4 in which the IC module 10 is embedded. Further, the IC card 1 can communicate with the external device 2 via the contact unit 3.

For example, the IC card 1 receives a command (processing request) transmitted from the external device 2 via the contact unit 3 and executes processing (command processing) according to the received command. Then, the IC card 1 transmits a response (processing response) that is an execution result of the command processing to the external device 2 via the contact unit 3.
Here, the external device 2 is a host device that communicates with the IC card 1, and is, for example, a reader / writer device.

The IC module 10 includes a contact portion 3 and an IC chip 100, and is a module that is traded in a form such as COT (Chip On Tape) in which a plurality of IC modules 100 are arranged on a tape, for example.
The contact part 3 has terminals for various signals necessary for the operation of the IC card 1. Here, the various signal terminals include a terminal for receiving a power supply voltage, a clock signal, a reset signal, and the like from the external device 2 and a serial data input / output terminal (SIO terminal) for communicating with the external device 2. . The terminals supplied from the external device 2 include a power supply terminal (VDD terminal, GND terminal), a clock signal terminal (CLK terminal), and a reset signal terminal (RST terminal).
The IC chip 100 is, for example, an LSI (Large Scale Integration) such as a one-chip microprocessor.

FIG. 2 is a diagram illustrating a hardware configuration example of the IC card 1 according to the present embodiment.
As shown in this figure, the IC chip 100 includes a CPU (Central Processing Unit) 11, a RAM (Random Access Memory) 12, a ROM (Read Only Memory) 13, and an EEPROM (Electrically Erasable Programmable ROM) 14. An I / F (Interface) unit 15, a coprocessor 16, and a plurality of tamper resistant functional units 20 are provided. In the present embodiment, the IC chip 100 includes a random MC (machine cycle) unit 21, a glitch detection unit 22, a random weight unit 23, and a noise generator unit 24 as the tamper resistant function unit 20. Yes. Each component is connected via an internal bus 17.

The CPU 11 executes programs stored in the ROM 13 or the EEPROM 14 and performs various processes of the IC card 1. For example, the CPU 11 executes command processing according to a command received by the communication I / F unit 15 via the contact unit 3.
The RAM 12 is a volatile memory such as SRAM (Static RAM), for example, and temporarily stores data used when performing various processes of the IC card 1.

The ROM 13 is a non-volatile memory such as a mask ROM, for example, and stores a program for executing various processes of the IC card 1 and data such as a command table.
The EEPROM 14 (an example of a rewritable nonvolatile storage unit) is, for example, an electrically rewritable nonvolatile memory. The EEPROM 14 stores level information to be described later, change prohibition information for prohibiting the change of the level information, and the like.

  The communication I / F unit 15 inputs and outputs information communicated with the external device 2. The communication I / F unit 15 receives and receives information on a command transmitted from the external device 2 to the IC card 1. Further, the communication I / F unit 15 outputs information on the result of executing the received command processing by the CPU 11 as response information, and the information is transmitted from the IC card 1 to the external device 2. The command information received by the communication I / F unit 15 is temporarily stored in a dedicated area provided in the RAM 12 and then read out by the CPU 11 that monitors the dedicated area. Note that a power supply voltage, a clock signal, and a reset signal are supplied to the communication I / F unit 15 through the contact unit 3, and these signals are supplied to each unit through the communication I / F unit 15.

The coprocessor 16 is an auxiliary circuit for performing encryption processing and decryption processing at high speed. For example, the coprocessor 16 executes processing such as AES (Advanced Encryption Standard) encryption or RSA encryption, or a part of the processing. For example, the coprocessor 16 is instructed by the CPU 11 and executes processing related to encryption processing and decryption processing.
The internal bus 17 is a bus that performs data transfer between the units connected to the internal bus 17, for example.

  The tamper resistant function unit 20 is, for example, one of functions that enhance security, and is a functional unit having a tamper resistant function. Here, the tamper resistance refers to, for example, the ability to protect against internal analysis (reverse engineering) and modification, and refers to the ability to prevent reading and analysis of confidential data by unauthorized means from outside. Examples of techniques for attacking the IC card 1 include a side channel attack such as a power analysis attack and a failure use analysis attack, and the tamper resistant function unit 20 has a function of protecting these attacks.

As described above, in this embodiment, the IC module 10 includes, for example, the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24 with different tamper resistance functions. It demonstrates as what is provided as the tampering function part 20. FIG. In addition, each tamper resistant function unit 20 can set the operation level of the tamper resistant function by setting from the CPU 11.
Note that the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24 are tamper resistant if they indicate any tamper resistant functional unit included in the IC card 1 or are not particularly distinguished. This will be described as the sex function unit 20.

  The random MC unit 21 is a random weight unit for the CPU 11 that inserts a dummy cycle at random in the processing of the CPU 11 and randomly changes the number of execution clocks (the number of machine cycles) of the CPU 11 within a specific range. The random MC unit 21 changes the frequency of changing the number of execution clocks including the operation stop (OFF) of the random MC unit 21 according to the setting of the operation level.

  The glitch detection unit 22 detects that a glitch has been placed on a signal supplied to the communication I / F unit 15 via the contact unit 3. For example, in a failure use analysis attack, noise that induces a malfunction may be superimposed on a signal supplied to the IC card 1. Here, the glitch is, for example, noise that induces this malfunction. For example, the glitch detection unit 22 detects that a glitch of a predetermined voltage or more is input to the power supply voltage. That is, the glitch detection unit 22 detects that the power supply voltage has exceeded a predetermined voltage range, for example. In this case, the glitch detection unit 22 includes an operation level setting of operation stop (OFF) of the power supply voltage glitch detection function, and changes the sensitivity (for example, threshold voltage) for detecting the glitch according to the operation level setting. .

Further, the glitch detection unit 22 detects that the frequency of the CLK signal supplied to the CLK terminal exceeds a predetermined range, for example. In this case, the glitch detection unit 22 includes an operation level setting of operation stop (OFF) of the glitch detection function of the frequency of the CLK signal, and the sensitivity (for example, frequency range) for detecting the glitch according to the operation level setting. change.
For example, the glitch detection unit 22 detects that the voltage of the CLK signal supplied to the CLK terminal and the voltage of the RST signal supplied to the RST terminal exceed a predetermined range. In this case, the glitch detection unit 22 includes an operation level setting of operation stop (OFF) of the glitch detection function in the voltage of the CLK signal or the voltage of the RST signal, and the sensitivity (for example, the glitch detection function 22) , Threshold voltage).

  For example, the random weight unit 23 randomly inserts dummy cycles in the processing of the coprocessor 16. The random weight unit 23 changes the insertion frequency of the dummy cycle including the operation stop (OFF) of the random weight unit 23 according to the setting of the operation level.

  For example, the noise generator 24 randomly changes the power consumption consumed by the IC card 1 within a specific range. The noise generator unit 24 changes the power consumption range including the operation stop (OFF) of the noise generator unit 24 according to the setting of the operation level.

Next, a functional configuration example of the IC card 1 according to the present embodiment will be described with reference to FIG.
FIG. 3 is a block diagram showing a functional configuration example of the IC card 1 of the present embodiment.
As shown in this figure, the IC card 1 includes a communication unit 101, a command execution unit 102, a security management unit 103, a level information storage unit 141, a change prohibition information storage unit 142, a random MC unit 21, A glitch detection unit 22, a random weight unit 23, and a noise generator unit 24 are provided.
Here, each unit shown in FIG. 3 is realized by using the hardware shown in FIG.

  The communication unit 101 is realized by, for example, the communication I / F unit 15, the CPU 11, and a program stored in the ROM 13, and transmits / receives commands and responses to / from the external device 2 through the contact unit 3. Do.

  The command execution unit 102 has a function of executing command processing under the control of the CPU 11. For predetermined processing such as encryption processing and decryption processing, the command execution unit 102 causes the coprocessor 16 to execute, for example, part of the processing under the control of the CPU 11.

  The level information storage unit 141 is realized by using, for example, the EEPROM 14 and stores level information that defines the operation level of the tamper resistant function unit 20. For example, as shown in FIG. 4, the level information storage unit 141 stores level information corresponding to each of the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24. That is, the level information storage unit 141 stores level information corresponding to each of the plurality of tamper resistant functional units 20.

FIG. 4 is a diagram illustrating a data example of the level information storage unit 141 of the present embodiment. In the example shown in this figure, the level information storage unit 141 includes “level information for random MC”, “level information for glitch detection”, “level information for random weight”, and “level for noise generator”. Information "is stored.
The level information stored in the level information storage unit 141 is stored (written) by the external device 2 before the IC card 1 or the IC module 10 is shipped.

FIG. 5 is a diagram showing the correspondence between the level information and the operation level of the present embodiment.
As shown in FIG. 5, in this embodiment, four operation levels of “55h”, “5Ah”, “A5h”, and “AAh” are set as level information. Here, “h” indicates hexadecimal (hexadecimal) data. When the level information is “55h”, the tamper resistant operation level indicates the setting of “level 0” (tamper resistant function stop (OFF)), and when the level information is “5 Ah”, the tamper resistant operation is performed. The level indicates the setting of “level 1”. Further, when the level information is “A5h”, the tamper resistant operation level indicates the setting of “level 2”, and when the level information is “AAh”, the tamper resistant operation level is “level 3”. Shows the settings. “Level 0” is the setting with the lowest tamper resistance, and “Level 3” is the setting with the highest tamper resistance.
As described above, the level information defines the operation level by a plurality of bits (for example, 8 bits). The level information includes a first bit state (for example, “1” state) that is a bit state indicating the erase state of the EEPROM 14 and a second bit state (for example, “1” that indicates a write state). The operation level is defined by data including “0” state).

The change prohibition information storage unit 142 is realized by using, for example, the EEPROM 14 and stores change prohibition information for prohibiting the change of the level information. The change prohibition information stored in the change prohibition information storage unit 142 is stored (written) by the external device 2 after the level information is set and before the IC card 1 or the IC module 10 is shipped.
The EEPROM 14 includes the level information storage unit 141 and the change prohibition information storage unit 142 described above.

The security management unit 103 (an example of a management unit) operates the tamper resistant function unit 20 based on the level information stored in the level information storage unit 141. For example, the security management unit 103 operates each of the plurality of tamper resistant function units 20 based on the level information. That is, the security management unit 103 operates each tamper resistant function unit 20 based on the level information for each tamper resistant function unit 20 as shown in FIG.
The security management unit 103 is included in the change request when the communication unit 101 receives a change request (setting request) for changing (setting) the level information stored in the level information storage unit 141 from the external device 2. Change the level information to the level information value. Note that the security management unit 103 does not change the level information when the change prohibition information is stored in the change prohibition information storage unit 142.

  Further, when the communication unit 101 receives a request (setting request) for writing the change prohibition information in the change prohibition information storage unit 142 from the external device 2, the security management unit 103 stores the change prohibition information in the change prohibition information storage unit 142. Remember.

Next, operations of the IC card 1 and the IC module 10 according to the present embodiment will be described with reference to the drawings.
Here, first, a procedure for setting level information in the IC card 1 (or IC module 10) will be described with reference to FIG. The level information is set by the external device 2 before shipping the IC card 1 or the IC module 10 and before executing the issuing process, for example.

FIG. 6 is a flowchart showing an example of the level information setting procedure of the IC card 1 according to the present embodiment.
Here, an example in which the IC card 1 is connected to the external device 2 and the level information is set before the IC card 1 is shipped to the issuer will be described.

  As shown in FIG. 6, the external device 2 writes the system area of the IC card 1 (step S101). That is, the external device 2 stores setting information, initial value information, and the like of the card OS (operating system) in the EEPROM 14 of the IC card 1. By this writing, the card OS of the IC card 1 can be used, and the IC card 1 can shift to an issue phase in which application information, personal information, and the like are written in the EEPROM 14.

  Next, the external device 2 writes level information corresponding to the application (for example, application) (step S102). That is, the external device 2 stores level information in the EEPROM 14. For example, the external device 2 transmits a command for writing level information according to the application to the IC card 1, and the command execution unit 102 executes the corresponding command processing, so that the level information according to the application is stored in the level of the EEPROM 14. The information is stored in the information storage unit 141. Note that the IC card 1 of the present embodiment includes a plurality of tamper resistant functional units 20 such as a random MC unit 21, a glitch detection unit 22, a random weight unit 23, and a noise generator unit 24. Therefore, the external device 2 transmits to the IC card 1 a command for storing the level information corresponding to each tamper resistant function unit 20 in the level information storage unit 141.

For example, when the use of the IC card 1 requires a high security level such as a bank cash card or a credit card, the IC card 1 is provided with, for example, a tamper resistant function unit 20 via the external device 2. All are set to “Level 3”, the highest operating level. Thereby, the required high security level can be ensured.
Further, when the use of the IC card 1 is, for example, an ETC (Electronic Toll Collection System) that is likely to operate for a long time, the IC card 1 is connected via the external device 2. For example, the glitch detection unit 22 is set to “level 1” which is a low operation level. Thereby, in the use of ETC, it is possible to prevent the glitch detection unit 22 from erroneously detecting noise and stopping the operation of the IC card 1.

  Next, the external device 2 shifts the IC card 1 to the issue phase (step S103). That is, the external device 2 transmits a command for causing the IC card 1 to enter the issue phase to the IC card 1, and the command execution unit 102 executes the corresponding command processing to cause the IC card 1 to enter the issue phase. . Note that the change prohibition information is stored in the EEPROM 14 when the IC card 1 shifts to the issue phase. Here, the command to shift to the issue phase also serves as a request (setting request) for writing the change prohibition information into the change prohibition information storage unit 142. Therefore, the security management unit 103 of the IC card 1 stores the change prohibition information in the change prohibition information storage unit 142 in response to the command for causing the IC card 1 to enter the issue phase. Thereby, in the subsequent processing, the change of the level information stored in the level information storage unit 141 is prohibited. After the process of step S103, the external device 2 ends the process.

Next, the operation of the IC card 1 of this embodiment will be described with reference to FIG.
FIG. 7 is a flowchart showing an example of the operation of the IC card 1 of the present embodiment. The example shown in FIG. 7 shows the operation of the IC card 1 after the level information corresponding to the application is set by the setting procedure shown in FIG.

  When the IC card 1 is connected to the external device 2 and activated, as shown in FIG. 7, the security management unit 103 of the IC card 1 first acquires level information of each tamper resistant function unit 20. (Step S201). The security management unit 103 acquires level information corresponding to each tamper resistant function unit 20 from the level information storage unit 141 of the EEPROM 14. That is, for example, the security management unit 103 reads the level information of the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24 from the level information storage unit 141.

Next, the security management unit 103 changes the operation level of each tamper resistant function unit 20 based on the acquired level information (step S202). That is, the security management unit 103 sets the operation level for each tamper resistant function unit 20 based on the acquired level information. For example, the security management unit 103 sets the operation levels of the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24 based on the level information.
In the present embodiment, level information corresponding to the use is set in the level information storage unit 141, and the security management unit 103 performs setting according to the use in each tamper resistance function unit 20. Become. Thereby, each tamper-resistant function part 20 operate | moves by the operation level according to a use.

  Next, the IC card 1 determines whether or not a command has been received (step S203). That is, it is determined whether the communication unit 101 of the IC card 1 has received a command from the external device 2 via the contact unit 3 and the communication I / F unit 15. When the communication unit 101 receives a command (step S203: YES), the communication unit 101 advances the process to step S204. Further, when the command has not been received (step S203: NO), the communication unit 101 returns to the process of step S203 and repeats the process.

  In step S204, the command execution unit 102 of the IC card 1 executes command processing corresponding to the received command. When the command processing ends, the command execution unit 102 transmits a response to the communication unit 101 and returns the processing to step S205.

As described above, the IC module 10 according to the present embodiment includes the tamper resistant function unit 20 having a tamper resistant function, the EEPROM 14 (an example of a rewritable nonvolatile storage unit), and the security management unit 103 (management). An example). The EEPROM 14 stores level information that defines the operation level of the tamper resistant function unit 20. The security management unit 103 operates the tamper resistant function unit 20 based on the level information stored in the EEPROM 14.
Thereby, the IC module 10 according to the present embodiment can flexibly change the operation level of the tamper resistant function unit 20 according to the application, for example, by setting the level information in the EEPROM 14. Therefore, the IC module 10 according to the present embodiment can be used for various applications having different security levels or performance.

  The IC module 10 according to the present embodiment can perform various security settings by setting level information in the EEPROM 14. Therefore, the IC module 10 according to the present embodiment can receive a plurality of types of certification without changing the program of the ROM 13 when receiving the security certification, for example. Therefore, the IC module 10 according to the present embodiment can acquire the certification in which an appropriate security level is set, and can reduce the period and cost for the certification.

In the present embodiment, the IC module 10 includes a plurality of tamper resistant functional units 20 having different tamper resistant functions. The plurality of tamper resistant functional units 20 are, for example, a random MC unit 21, a glitch detection unit 22, a random weight unit 23, a noise generator unit 24, and the like. The EEPROM 14 stores level information corresponding to each of the plurality of tamper resistant functional units 20. Then, the security management unit 103 operates each of the plurality of tamper resistant function units 20 based on the level information.
Thereby, the IC module 10 according to the present embodiment can set a more complicated security level according to the application. Therefore, the IC module 10 according to the present embodiment can be used for various purposes.

In the present embodiment, the EEPROM 14 stores change prohibition information for prohibiting the change of level information. The security management unit 103 prohibits the change of the level information based on the change prohibition information stored in the EEPROM 14.
Thereby, the IC module 10 according to the present embodiment can prohibit the change after setting the level information. Therefore, the IC module 10 according to the present embodiment reduces the possibility that the function of changing the operation level of the tamper resistant function unit 20 is abused by setting the level information by a third party after the issuing process. be able to.

In the present embodiment, the level information includes a first bit state (for example, bit “1”) that is a bit state indicating the erase state of the EEPROM 14 and a second bit state that indicates the write state of the EEPROM 14. The operation level is defined by a plurality of bits including a bit state (for example, bit “0”). The level information is set by data including the same number of bits “1” and “0”, such as “55h”, “5Ah”, “A5h”, and “AAh”, for example.
As a result, the IC module 10 according to the present embodiment can detect falsification of the level information even when trying to falsify the level information, for example, by locally irradiating the EEPROM 14 with ultraviolet rays. Can be secured. That is, in the IC module 10 according to the present embodiment, the level information is set by the pattern data as described above. For example, the level information is changed from “AAh” to “55h”, for example, by irradiating ultraviolet rays. It is difficult to change the setting to an appropriate setting, and unauthorized alteration of the level information can be prevented.

In addition, the IC card 1 according to the present embodiment includes a tamper resistant function unit 20 having a tamper resistant function, an EEPROM 14 (an example of a rewritable nonvolatile storage unit), and a security management unit 103 (an example of a management unit). And. The EEPROM 14 stores level information that defines the operation level of the tamper resistant function unit 20. The security management unit 103 operates the tamper resistant function unit 20 based on the level information stored in the EEPROM 14.
As a result, the IC card 1 according to the present embodiment can be used for various uses having different security levels or performances, like the IC module 10.

Further, the manufacturing method of the IC card 1 according to the present embodiment includes a step of storing level information in the EEPROM 14 and a step of storing change prohibition information for prohibiting the change of the level information in the nonvolatile storage unit. The IC card 1 includes a security management unit 103 that operates the tamper resistant function unit 20 based on level information that defines an operation level of the tamper resistant function unit 20 having a tamper resistant function.
Thereby, the manufacturing method according to the present embodiment can cause the IC card 1 to be used for various uses having different security levels or performances.

(Second Embodiment)
Next, the IC module 10 and the IC card 1 according to the second embodiment will be described with reference to the drawings.
In the present embodiment, an example will be described in which level information is stored in a plurality of storage areas.
Note that the hardware configuration and functional configuration of the IC card 1 according to the present embodiment are the same as those of the first embodiment shown in FIGS.

FIG. 8 is a diagram illustrating an example of data in the level information storage unit 141 of the present embodiment.
As shown in this figure, the level information storage unit 141 of the present embodiment stores the same level information in a plurality of storage areas (for example, two storage areas). That is, the level information storage unit 141 stores, for example, two level information of “level information 1” (D1) and “level information 2” (D2). Here, “level information 1” (D1) and “level information 2” (D2) are the same information, and the same information is mirrored and stored in two storage areas having different addresses.

  The security management unit 103 operates the tamper resistant function unit 20 based on a plurality of level information stored in a plurality of storage areas. That is, for example, when all of the plurality of level information matches, the security management unit 103 determines that the level information has not been tampered with and sets the tamper resistance function unit 20 based on the level information. . For example, when any one of the plurality of level information does not match, the security management unit 103 determines that the level information has been tampered with and performs error processing. Here, the error process may be a process for stopping the operation of the IC card 1 or a process for setting the operation level of the tamper resistant function unit 20 to the highest setting.

Next, the operation of the IC card 1 according to the present embodiment will be described.
First, the basic operation of the level information setting procedure of the IC card 1 is the same as the level information setting procedure of the first embodiment shown in FIG. However, in this embodiment, the IC card 1 stores the same level information in two storage areas.

Next, the operation of the IC card 1 according to the present embodiment will be described with reference to FIG.
FIG. 9 is a flowchart showing an example of the operation of the IC card 1 of the present embodiment.
The example shown in FIG. 9 shows the operation of the IC card 1 after the level information (for example, “level information 1” (D1) and “level information 2” (D2)) according to the application is set.

  When the IC card 1 is connected to the external device 2 and activated, as shown in FIG. 9, the security management unit 103 of the IC card 1 first “level information 1” of each tamper resistant function unit 20. (D1) and “level information 2” (D2) are acquired (step S301).

  Next, the security management unit 103 determines whether “level information 1” (D1) and “level information 2” (D2) match (step S302). When “level information 1” (D1) and “level information 2” (D2) match (step S302: YES), the security management unit 103 advances the process to step S303. Further, when “level information 1” (D1) and “level information 2” (D2) do not match (step S302: NO), the security management unit 103 advances the process to step S306.

Since the processing from step S303 to step S305 is the same as the processing from step S202 to step S204 shown in FIG. 7, the description thereof is omitted here.
In step S306, the security management unit 103 executes error processing and ends the processing. The error processing here is processing for stopping the operation of the IC card 1, for example.

As described above, in the present embodiment, the EEPROM 14 stores the same level information in a plurality of storage areas (for example, two storage areas). Then, the security management unit 103 operates the tamper resistant function unit 20 based on the plurality of level information stored in the plurality of storage areas.
Thereby, when a third party falsifies the level information, it is necessary to falsify the level information stored in a plurality of storage areas. Therefore, the IC module 10 and the IC card 1 of the present embodiment have higher security. Can be used for various purposes.

(Third embodiment)
Next, an IC module 10 and an IC card 1 according to the third embodiment will be described with reference to the drawings.
In the first embodiment described above, an example in which different level information for operating the tamper resistant function unit 20 is set according to the application has been described. However, in the present embodiment, specific processing executed by the IC card 1 is performed. An example in which level information is set in association with each other will be described.
Note that the hardware configuration and functional configuration of the IC card 1 according to the present embodiment are the same as those of the first embodiment shown in FIGS.

FIG. 10 is a diagram illustrating a data example of the level information storage unit 141 of the present embodiment.
As shown in this figure, the level information storage unit 141 of this embodiment stores level information corresponding to each of a plurality of processes. In the example shown in this figure, the level information storage unit 141 includes, for example, “level information for random MC” corresponding to “processing 1”, “level information for glitch detection”, and “level information for random weight”. And “level information for the noise generator” are stored. Further, the level information storage unit 141, for example, “level information for random MC” corresponding to “processing 2”, “level information for glitch detection”, “level information for random weight”, and “noise” "Level information for the generator" is stored. Thus, the level information storage unit 141 stores level information as a table of level information corresponding to each process.

  Note that the processing (specific processing) for setting level information may be security-related processing such as encryption processing, decryption processing, and authentication processing, or may be various command processing. In other words, the level information may be set in association with, for example, processing related to security, or may be set in association with various command processing.

  Further, the security management unit 103 according to the present embodiment operates the tamper resistant function unit 20 at an operation level defined for each process based on the level information. For example, when executing one of a plurality of processes, the security management unit 103 changes an operation level for operating the tamper resistant function unit 20 based on level information corresponding to the process. In addition, when the processing is completed, the security management unit 103 returns the operation level for operating the tamper resistant function unit 20 to the state before the start of the processing.

  When the security management unit 103 acquires the level information stored in the level information storage unit 141, the security management unit 103 temporarily stores the acquired level information in the RAM 12 as current level information indicating the set value of the current operation level. . The security management unit 103 changes the operation level for operating the tamper resistant function unit 20 based on the current level information. Further, when setting the operation level corresponding to different processing, the security management unit 103 temporarily saves the current level information in another storage area of the RAM 12, and then stores the level information stored in the level information storage unit 141. It is stored in the RAM 12 as current level information. When the processing is completed, the security management unit 103 returns the saved previous current level information as current level information, and the tamper resistance function unit 20 is changed based on the returned current level information. The operation level to be operated is returned to the state before the start of the processing.

Next, the operation of the IC card 1 according to the present embodiment will be described.
First, the basic operation of the level information setting procedure of the IC card 1 is the same as the level information setting procedure of the first embodiment shown in FIG. However, in the present embodiment, the IC card 1 stores level information corresponding to each of a plurality of processes.

Next, the operation of the IC card 1 according to the present embodiment will be described with reference to FIG.
FIG. 11 is a flowchart showing an example of the operation of the IC card 1 of the present embodiment.
The example shown in FIG. 11 shows the operation of the IC card 1 after level information corresponding to each of a plurality of processes is set. In the present embodiment, an example will be described in which the level information setting process is a part of command processing related to security with high confidentiality (hereinafter referred to as security processing).

  When various processes are executed in a state where the IC card 1 is connected to the external device 2 and activated, as shown in FIG. 11, the security management unit 103 of the IC card 1 first executes the level process. It is determined whether or not the security process is set for information (step S401). If the security management unit 103 is a security process (step S401: YES), the process proceeds to step S402. If the security management unit 103 is not a security process (step S401: NO), the security management unit 103 advances the process to step S406.

  In step S402, the level information of each tamper resistant functional unit 20 corresponding to the processing is acquired. That is, for example, the security management unit 103 reads the level information of the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24 corresponding to the processing from the level information storage unit 141. Further, the security management unit 103 saves the current level information of the RAM 12 described above in another storage area of the RAM 12, and then stores the level information read from the level information storage unit 141 in the RAM 12 as new current level information.

  Next, the security management unit 103 changes the operation level of each tamper resistant function unit 20 based on the acquired level information (step S403). That is, the security management unit 103 sets an operation level for each tamper resistant function unit 20 based on the current level information in the RAM 12. Thereby, the operation level of each tamper-resistant function part 20 corresponding to the said process is set.

Next, the command execution unit 102 executes the process (step S404).
Next, when the execution of the processing is completed, the security management unit 103 returns the operation level of the tamper resistant function unit 20 (step S405). That is, the security management unit 103 returns the saved previous current level information, and sets the operation level for each tamper resistant function unit 20 based on the current level information.

  In step S406, the command execution unit 102 executes predetermined processing. Here, the command execution unit 102 executes a predetermined process without changing the operation level of each tamper resistant function unit 20.

Next, an example of the operation of the IC card 1 that changes the operation level of the tamper resistant function unit 20 according to processing will be described with reference to FIG.
FIG. 12 is a diagram illustrating an example of the operation of the IC card 1 of the present embodiment.
This figure shows the operation of each IC card 1 when level information is set for the “application A”, “application B”, and “application C” having different required security levels and performance. A comparison is shown.

“Application A” is used, for example, in a use requiring the highest security level among the three applications and having no limitation on the processing time. In addition, “application C” is used, for example, in applications where the processing time is limited and the required security level is the lowest among the three applications. In addition, “application B” is used, for example, in applications that require an intermediate security level between “application A” and “application C”.

Here, “application A”, “application B”, and “application C” are all subjected to predetermined command processing (eg, “processing A” and “AES encryption processing” in “command processing X”). It will be described as a thing.
FIG. 12 illustrates an example in which the random MC unit 21 and the random weight unit 23 are used as the tamper resistant function unit 20.

  In the example illustrated in FIG. 12, in “command processing X” of “application A”, first, the security management unit 103 performs random processing based on level information corresponding to “command processing X” stored in the level information storage unit 141. The operation level of the MC unit 21 is set to “level 3”, and the operation level of the random weight unit 23 is set to “level 0 (OFF)”. Then, when “Processing A” is executed, the security management unit 103 sets the operation level of the random MC unit 21 to “Level” based on the level information corresponding to “Processing A” stored in the level information storage unit 141. 3 ”, the operation level of the random weight unit 23 is set to“ level 0 (OFF) ”. Here, since the level information of “command processing X” and the level information of “processing A” are the same setting, the operation level is not changed.

Next, when “AES encryption processing” is executed, the security management unit 103 operates the operation level of the random MC unit 21 based on the level information corresponding to “AES encryption processing” stored in the level information storage unit 141. Is set to “level 3”, and the operation level of the random weight unit 23 is set to “level 3”. As a result, during the “AES encryption process”, the random MC unit 21 and the random weight unit 23 operate at “level 3”.
When the “AES encryption process” is finished, the security management unit 103 returns the operation level of the random MC unit 21 to “level 3” and the operation level of the random weight unit 23 to “level 0 (OFF)”. .
As described above, since “application A” requires a higher security level than other applications, the security management unit 103 sets the random MC unit 21 and the random weight unit 23 during “AES encryption processing”. Operate at “Level 3”. The security management unit 103 operates the random MC unit 21 at “level 3” and does not operate the random weight unit 23 during other processing. In this case, “application A” can ensure a higher security level than “application B” and “application C”.

  On the other hand, in the “command processing X” of “application B”, the security management unit 103 first selects a random MC unit based on the level information corresponding to “command processing X” stored in the level information storage unit 141. The operation level of 21 is set to “level 0 (OFF)”, and the operation level of the random weight unit 23 is set to “level 0 (OFF)”. Then, when “Processing A” is executed, the security management unit 103 sets the operation level of the random MC unit 21 to “Level” based on the level information corresponding to “Processing A” stored in the level information storage unit 141. 2 ”, the operation level of the random weight unit 23 is set to“ level 0 (OFF) ”. When “Processing A” ends, the security management unit 103 sets the operation level of the random MC unit 21 to “level 0 (OFF)” and the operation level of the random weight unit 23 to “level 0 (OFF)”. Return to.

Next, when “AES encryption processing” is executed, the security management unit 103 operates the operation level of the random MC unit 21 based on the level information corresponding to “AES encryption processing” stored in the level information storage unit 141. Is set to “level 3”, and the operation level of the random weight unit 23 is set to “level 3”. When the “AES encryption process” is finished, the security management unit 103 sets the operation level of the random MC unit 21 to “level 0 (OFF)” and the operation level of the random weight unit 23 to “level 0 (OFF)”. Return to
Thus, since “application B” requires an intermediate security level among the three applications, the security management unit 103 performs the random MC unit 21 and the random weight unit 23 during the “AES encryption process”. Is operated at “level 3”. In addition, during the “process A”, the security management unit 103 operates the random MC unit 21 at “level 2” and does not operate the random weight unit 23. The security management unit 103 does not operate the random MC unit 21 and the random weight unit 23 during other processing.

  In “command processing X” of “application C”, first, the security management unit 103 operates the random MC unit 21 based on the level information corresponding to “command processing X” stored in the level information storage unit 141. The level is set to “level 0 (OFF)”, and the operation level of the random weight unit 23 is set to “level 0 (OFF)”. Then, when “Processing A” is executed, the security management unit 103 sets the operation level of the random MC unit 21 to “Level” based on the level information corresponding to “Processing A” stored in the level information storage unit 141. The operation level of the random weight unit 23 is set to “level 0 (OFF)”. Here, since the level information of “command processing X” and the level information of “processing A” are the same setting, the operation level is not changed.

Next, when “AES encryption processing” is executed, the security management unit 103 operates the operation level of the random MC unit 21 based on the level information corresponding to “AES encryption processing” stored in the level information storage unit 141. Is set to “level 2”, and the operation level of the random weight unit 23 is set to “level 2”. As a result, during the “AES encryption process”, the random MC unit 21 and the random weight unit 23 operate at “level 3”.
When the “AES encryption process” is finished, the security management unit 103 sets the operation level of the random MC unit 21 to “level 0 (OFF)” and the operation level of the random weight unit 23 to “level 0 (OFF)”. Return to

  As described above, since the processing time is limited in “application C”, the security management unit 103 operates the random MC unit 21 and the random weight unit 23 at “level 2” during “AES encryption processing”. Thus, the random MC unit 21 and the random weight unit 23 are not operated during other processing. The random MC unit 21 and the random weight unit 23 have a longer processing time as the operation level is higher. However, since the random MC unit 21 and the random weight unit 23 are not operated in “application C” except during “AES encryption processing”, the processing time is shortened compared to “application A” and “application B”. Can do.

  In the above-described example, the example in which the level information is set for “command processing X”, “processing A”, and “AES encryption processing” has been described. May be. Moreover, although the example which sets the operation level of the random MC part 21 and the random weight part 23 was demonstrated in the example mentioned above, it implemented using the other tamper-resistant function part 20 of the random MC part 21 and the random weight part 23. May be.

As described above, in the present embodiment, the EEPROM 14 stores level information corresponding to each of a plurality of processes. Then, the security management unit 103 operates the tamper resistant function unit 20 at an operation level defined for each process based on the level information.
Thereby, as shown in FIG. 12, the IC module 10 and the IC card 1 of the present embodiment have the tamper resistant function unit 20 for each process according to the security level and performance (for example, processing time). Since the operation level is set, it is possible to control the operation level of the more tamper-resistant function unit 20 more complicatedly. Therefore, the IC module 10 and the IC card 1 according to the present embodiment can be used for various purposes according to the requirements of security level and performance (for example, processing time).

In the present embodiment, the security management unit 103 operates the tamper resistant function unit 20 based on the level information corresponding to the process when executing one of the plurality of processes. To change. Then, when the process is completed, the security management unit 103 returns the operation level for operating the tamper resistant function unit 20 to the state before the start of the process.
Thereby, the IC module 10 and the IC card 1 of this embodiment can appropriately change the operation level for operating the tamper resistant function unit 20 for each process.

  In each of the above embodiments, an example in which each embodiment is implemented alone has been described, but the embodiments may be combined and implemented. For example, you may implement combining 2nd Embodiment and 3rd Embodiment.

Further, in each of the embodiments described above, the IC card 1 is configured to include the EEPROM 14 as a rewritable nonvolatile memory. However, the present invention is not limited to this. For example, the IC card 1 may include a flash EEPROM, a FeRAM (Ferroelectric Random Access Memory) or the like instead of the EEPROM 14.
In each of the above embodiments, the IC card 1 has been described as communicating with the external device 2 via the contact unit 3. However, the IC card 1 communicates with the external device 2 via a contactless interface using a coil or the like. You may comprise.

  In each of the above embodiments, the IC card 1 has been described as an example including the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24 as the tamper resistant function unit 20. It is not limited to this. The IC card 1 may include a tamper resistant function unit 20 having other tamper resistant functions, and among the random MC unit 21, the glitch detection unit 22, the random weight unit 23, and the noise generator unit 24. May be provided.

Further, in each of the above embodiments, the example in which the coprocessor 16 performs the AES encryption process has been described. However, the AES encryption process may be executed by the program processing of the CPU 11.
In each of the above embodiments, the example in which the IC card 1 has the function of prohibiting the change of the level information has been described. Further, the example in which the process for prohibiting the change of the level information is executed before the IC card 1 or the IC module 10 is shipped has been described. However, the present invention is not limited to this, and the change of the level information is prohibited. It may be a form in which the processing is not executed.

In the second embodiment, the example in which the level information storage unit 141 stores the same level information in two storage areas has been described. However, the present invention is not limited to this, and three or more storages are stored. It may be stored in the area.
Further, in the third embodiment, the example in which the level information storage unit 141 stores the level information corresponding to each process has been described. For example, when the IC card 1 has a plurality of applications, You may make it memorize | store the level information corresponding to an application. In this case, the IC module 10 and the IC card 1 can flexibly change the security level and performance (for example, processing time) according to the application.

  According to at least one embodiment described above, the tamper resistant function unit 20 having a tamper resistant function, the EEPROM 14 that stores the level information that defines the operation level of the tamper resistant function unit 20, and the level information Based on this, the security management unit 103 that operates the tamper resistant function unit 20 can be used for various purposes.

Note that a program for realizing the function of each component included in the IC card 1 in the embodiment is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into a computer system and executed. The processing in each configuration included in the IC card 1 described above may be performed. Here, “loading and executing a program recorded on a recording medium into a computer system” includes installing the program in the computer system. The “computer system” here includes an OS and hardware such as peripheral devices.
Further, the “computer system” may include a plurality of computer devices connected via a network including a communication line such as the Internet, WAN, LAN, and dedicated line. The “computer-readable recording medium” refers to a storage device such as a flexible medium, a magneto-optical disk, a portable medium such as a ROM and a CD-ROM, and a hard disk incorporated in a computer system. As described above, the recording medium storing the program may be a non-transitory recording medium such as a CD-ROM.

  The recording medium also includes a recording medium provided inside or outside that is accessible from the distribution server in order to distribute the program. It should be noted that the program may be divided into a plurality of parts and downloaded at different timings, and the structure combined with each component provided in the IC card 1 or the distribution server that distributes each of the divided programs may be different. Furthermore, the “computer-readable recording medium” holds a program for a certain period of time, such as a volatile memory (RAM) inside a computer system that becomes a server or a client when the program is transmitted via a network. Including things. The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, what is called a difference file (difference program) may be sufficient.

  Although several embodiments of the present invention have been described, these embodiments are presented by way of example and are not intended to limit the scope of the invention. These embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the spirit of the invention. These embodiments and their modifications are included in the scope and gist of the invention, and are also included in the invention described in the claims and the equivalents thereof.

  DESCRIPTION OF SYMBOLS 1 ... IC card, 2 ... External device, 3 ... Contact part, 4 ... Card base material, 10 ... IC module, 11 ... CPU, 12 ... RAM, 13 ... ROM, 14 ... EEPROM, 15 ... Communication I / F part, DESCRIPTION OF SYMBOLS 16 ... Coprocessor, 17 ... Internal bus, 20 ... Tamper-resistant function part, 21 ... Random MC part, 22 ... Glitch detection part, 23 ... Random weight part, 24 ... Noise generator part, 100 ... IC chip, 101 ... Communication , 102 ... Command execution part, 103 ... Security management part, 141 ... Level information storage part, 142 ... Change prohibition information storage part

Claims (10)

A tamper resistant functional part having a tamper resistant function;
A rewritable nonvolatile storage unit that stores level information that defines an operation level of the tamper resistant function unit;
A management unit that operates the tamper resistant functional unit based on the level information, and
The non-volatile storage unit stores the level information corresponding to each of a plurality of processes,
The management unit is an IC module that operates the tamper resistant function unit at an operation level defined for each process based on the level information . Provided with a plurality of tamper-resistant functional portions having different tamper-resistant functions,
The nonvolatile storage unit stores the level information corresponding to each of the plurality of tamper resistant functional units,
The IC module according to claim 1, wherein the management unit operates each of the plurality of tamper-resistant functional units based on the level information. The management unit
When executing one of the plurality of processes, based on the level information corresponding to the process, change the operation level for operating the tamper resistant function unit,
The IC module according to claim 1 or 2 , wherein when the processing is completed, the operation level for operating the tamper-resistant function unit is returned to a state before the processing is started. The nonvolatile storage unit stores change prohibition information for prohibiting the change of the level information,
The IC module according to any one of claims 1 to 3 , wherein the management unit prohibits the change of the level information based on the change prohibition information.   A tamper resistant functional part having a tamper resistant function;
  A rewritable nonvolatile storage unit that stores level information that defines an operation level of the tamper resistant function unit;
  Based on the level information, a management unit that operates the tamper resistant function unit;
  With
  The nonvolatile storage unit stores the same level information in a plurality of storage areas,
  The management unit operates the tamper resistant function unit based on a plurality of the level information stored in the plurality of storage areas.
  IC module.   Provided with a plurality of tamper-resistant functional portions having different tamper-resistant functions,
  The nonvolatile storage unit stores the level information corresponding to each of the plurality of tamper resistant functional units,
  The management unit operates each of the plurality of tamper resistant functional units based on the level information.
  The IC module according to claim 5. The nonvolatile storage unit stores the same level information in a plurality of storage areas,
The IC module according to any one of claims 1 to 4 , wherein the management unit operates the tamper resistant function unit based on a plurality of the level information stored in the plurality of storage areas. The level information includes a first bit state that is a bit state that indicates an erase state of the nonvolatile storage unit, and a second bit state that is a bit state that indicates a write state of the nonvolatile storage unit. The IC module according to any one of claims 1 to 7 , wherein the operation level is defined by a plurality of bits. The IC module according to any one of claims 1 to 8 ,
An IC card comprising: a main body in which the IC module is embedded. Management for operating the tamper-resistant function unit according to the operation level defined for each process based on the level information based on the level information defining the operation level of the tamper-resistant function unit having a tamper-resistant function A method of manufacturing an IC card comprising a portion,
Storing the level information corresponding to each of a plurality of processes in a rewritable nonvolatile storage unit;
Storing the change prohibition information for prohibiting the change of the level information in the non-volatile storage unit.

Images